No more typing reviews! Try our Samantha, our new voice AI agent.

Anomali vs Tines comparison

Anomali and Tines are both solutions in the Threat Intelligence Platforms (TIP) category. Anomali is ranked #8 with an average rating of 8.5, while Tines is ranked #11 with an average rating of 8.8. Anomali holds a 3.9% mindshare in TIPT, compared to Tines’s 1.0% mindshare. Additionally, 80% of Anomali users are willing to recommend the solution, compared to 100% of Tines users who would recommend it.
Anomali
Read 4 Anomali reviews
  • 6,575 Views
  • 2,367 Comparison Views
80% willing to recommend
Tines
Read 5 Tines reviews
  • 3,901 Views
  • 585 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Jan 18, 2026

Anomali and Tines compete in the cybersecurity market. Tines appears to have the upper hand due to its superior features and integration capabilities.

Features: Anomali provides comprehensive threat intelligence, real-time threat analysis, and robust reporting tools. Tines offers advanced workflow automation, seamless integration with various platforms, and powerful incident management. The main difference is Anomali's focus on intelligence gathering while Tines emphasizes automation and integrations.

Room for Improvement: Anomali could enhance its user interface and reporting flexibility and expand its integration options with third-party tools. For Tines, improvements could be made in offering more detailed documentation, expanding support for non-technical users, and reducing the complexity of its automation setup for beginners.

Ease of Deployment and Customer Service: Anomali has a straightforward deployment process with dedicated support, enhancing implementation. Tines is known for its innovative, user-centric deployment model, focusing on simplicity and rapid integration, which provides an edge in terms of user experience.

Pricing and ROI: Anomali's setup costs are competitive, offering a strong ROI linked to its threat intelligence capabilities. Tines, though initially more expensive, provides significant ROI through reduced operational overhead and efficiency gains due to automation. Its pricing justifies operational benefits and long-term efficiencies.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Anomali vs. Tines Report (Updated: April 2026).
Buyer's Guide
Anomali vs. Tines
April 2026
Download the complete report
Helped 893,221 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Anomali
Ranking in Threat Intelligence Platforms (TIP)
8th
Average Rating
7.8
Reviews Sentiment
7.2
Number of Reviews
4
Ranking in other categories
Security Information and Event Management (SIEM) (32nd), User Entity Behavior Analytics (UEBA) (12th), Advanced Threat Protection (ATP) (21st), Extended Detection and Response (XDR) (22nd)
Tines
Ranking in Threat Intelligence Platforms (TIP)
11th
Average Rating
8.8
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (6th), AI-Powered Security Automation (1st), AI IT Support (10th)
 

Mindshare comparison

As of May 2026, in the Threat Intelligence Platforms (TIP) category, the mindshare of Anomali is 3.9%, down from 4.9% compared to the previous year. The mindshare of Tines is 1.0%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Threat Intelligence Platforms (TIP) Mindshare Distribution
ProductMindshare (%)
Anomali3.9%
Tines1.0%
Other95.1%
Threat Intelligence Platforms (TIP)
 

Featured Reviews

CC
ChrisCollins
Enterprise Security Architect V at FirstEnergy
Enables automated threat intelligence sorting and enhances proactive threat hunting capabilities
You have to have at least a threat intelligence background or a SOC analyst background to use it, as that's the information you'll dig around with in there. If you don't have that kind of knowledge, it probably can be a little hard to use, but they do provide training. They offer training not only for how to use the platform but also some basic threat intelligence training to explain what these things are and what these terms mean. My company is a customer of Anomali. I would recommend it to other people. I would advise making sure you don't pick it without testing other products and have your use cases well thought out and documented before testing, so you know it will solve the problems you're trying to address. Keep an open mind with it and realize that whatever you can dream of, you can probably do with the platform. Overall, I would rate Anomali an eight out of ten.
Read full review
MI
Mahesh P Iyer Mahesh
Cyber Security Engineer at a tech vendor with 1,001-5,000 employees
Automation has transformed alert triage and now powers AI-driven security operations
There are three things that I would say could be better. The first is the Change Control UI. I have noticed that the UI for Change Control is a bit difficult to navigate and assess, but I know that Tines is working on that and so hopefully we will see results soon. The second thing is the action called Implode. The issue with the Implode action is that once we get a certain number of events into the Implode action, we lose context of all the events except the last one that came in, so it is a bit difficult to send data back once it goes through the Implode action. I have raised this up with Tines, but I do not know if they are working on this or not. The third thing is the capacity to debug. If my story is not attached to a case, it is a bit difficult to debug if I run into an error. I have to identify the exact event that caused the error and then start debugging from there, so that is not entirely user-friendly. These are the three downfalls that I have noticed with Tines.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."
"We now have a very robust collection of threat intelligence based on the capabilities that Anomali provides."
"The feature I have found most valuable is credential monitoring. This feature is easy and quick."
"The most valuable aspect of Anomali is the threat modeling capability."
"I have found Cyber threat intelligence (CTI) very useful and concise. The solution is easy to use."
"One of the most valuable features is that it’s a low-code solution."
"The best advantage is the no-code automation, excellent customer support services, and ease of integration with other tools."
"The best thing is that it's no code, so it doesn't require coding knowledge."
"The tool was vendor-neutral."
"For an analyst, it would take at least one hour to two hours to get the result with this much perfection, but with Tines, it happens instantaneously."
 

Cons

"An area for improvement is the intelligence sharing within the Anomali community. The tagging system can be inconsistent, as any company can use any tags for their reporting."
"Less code in integration would be nice when building blocks."
"Anomali Enterprise could improve by combining all the other tools' features into one solution."
"Support in the past has been top-notch, but recent trends indicate that it has taken a back seat, as we often don't get answers for days."
"A lot of tools can give you many features, such as CTI intelligence and a tax service reduction. However, many people are combining different tools together to have more capabilities. It is up to the consumer whether they want to have multiple tools or have one tool that serves the purpose. Anomali Enterprise could improve by combining all the other tools' features into one solution."
"Tines was a little bit more expensive than Torq."
"Maybe Tines can add more features and demonstrations, like videos on how to use the features within the tool."
"Reporting and dashboards could be more advanced for deeper analysis."
"There are three things that I would say could be better."
"They started implementing some AI, and their AI is isolated."
 

Pricing and Cost Advice

"When comparing the price of Anomali Enterprise to other solutions it is in the medium to high range. However, I am satisfied with the price."
Information not available
report
See which vendors are best for you
Use our free recommendation engine to learn which Threat Intelligence Platforms (TIP) solutions are best for your needs.
See recommendations
893,221 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Manufacturing Company
7%
Computer Software Company
7%
Construction Company
7%
Financial Services Firm
13%
Manufacturing Company
8%
Construction Company
7%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business2
Midsize Enterprise1
Large Enterprise5
No data available
 

Questions from the Community

What needs improvement with Anomali ThreatStream?
An area for improvement is the intelligence sharing within the Anomali community. The tagging system can be inconsistent, as any company can use any tags for their reporting. Combining all aliases ...
See all answers
What is your primary use case for Anomali ThreatStream?
I use Anomali ( /products/anomali-reviews ) for threat hunting, threat collection, operationalization of intelligence, such as indicators of compromise (IOCs), and dissemination of reports for repo...
See all answers
What advice do you have for others considering Anomali ThreatStream?
For new users, I recommend taking the training provided by Anomali as it is very well articulated. I advise reading the user manual and taking the instructor-led training sessions from the customer...
See all answers
What needs improvement with Tines?
There are three things that I would say could be better. The first is the Change Control UI. I have noticed that the UI for Change Control is a bit difficult to navigate and assess, but I know that...
See all answers
What is your primary use case for Tines?
In the cybersecurity engineering and security automation field, we use Tines to automate the enrichment and analysis of different use cases, including IOC enrichment and bringing AI-powered capabil...
See all answers
What advice do you have for others considering Tines?
We are not in control of the deployment anymore. Initially we were using an S3 bucket to deploy Tines, but now Tines is taking care of the deployment. It used to be Amazon before, but now Tines is ...
See all answers
 

Comparisons

ThreatConnect Threat Intelligence Platform (TIP) vs Anomali Logo
ThreatConnect Threat Intelligence Platform (TIP) vs Anomali
Compared 5% of the time
Recorded Future vs Anomali Logo
Recorded Future vs Anomali
Compared 4% of the time
Splunk Enterprise Security vs Anomali Logo
Splunk Enterprise Security vs Anomali
Compared 3% of the time
Hunters vs Anomali Logo
Hunters vs Anomali
Compared 3% of the time
IBM Security QRadar vs Anomali Logo
IBM Security QRadar vs Anomali
Compared 3% of the time
More Anomali Competitors
Torq vs Tines Logo
Torq vs Tines
Compared 23% of the time
Splunk SOAR vs Tines Logo
Splunk SOAR vs Tines
Compared 12% of the time
Palo Alto Networks Cortex XSOAR vs Tines Logo
Palo Alto Networks Cortex XSOAR vs Tines
Compared 11% of the time
Blink Ops vs Tines Logo
Blink Ops vs Tines
Compared 8% of the time
Swimlane vs Tines Logo
Swimlane vs Tines
Compared 6% of the time
More Tines Competitors
 

Product Reports

Buyer's Guide
Threat Intelligence Platforms (TIP)
April 2026
Anomali reportDownload Anomali product report
Buyer's Guide
Tines
April 2026
Tines reportDownload Tines product report
 

Also Known As

Match, Lens, ThreatStream, STAXX, Anomali Security Analytics
No data available
 

Overview

Anomali delivers user-friendly cyber threat intelligence, offering concise insights with robust capabilities for evolving scenarios.

Anomali offers a powerful platform for cyber threat intelligence, allowing organizations to efficiently stream and analyze threat feeds. It excels in threat modeling, prioritizing intelligence, and supporting large-scale automation through its API, fostering a proactive security approach.

What are Anomali's Key Features?
  • Threat Intelligence: Provides concise and user-friendly intelligence.
  • Threat Modeling: Enables prioritization and efficient organization of intelligence.
  • Credential Monitoring: Performs quickly with efficient dataset handling.
  • API Automation: Supports large-scale automation for robust intelligence management.
  • Adaptability: Offers capabilities to grow beyond initial use cases.
Which Benefits or ROI Should Users Consider?
  • Efficient Intelligence Collection: Quickly gathers and organizes data for use.
  • Enhanced Threat Analysis: Correlates data effectively for proactive security.
  • Automation Support: Saves time with extensive API capabilities.
  • Scalability: Adapts and scales with emerging security needs.

Anomali serves as a crucial tool for threat intelligence in industries ranging from finance to healthcare. Organizations stream threat feeds into Anomali to correlate and aggregate data, enhancing security measures and facilitating thorough threat investigations. Its adaptability makes it suitable across different sectors.

Anomali

Tines offers no-code and low-code automation for users to automate tasks without coding expertise, integrating seamlessly with APIs to enhance incident management and security operations.

Known for a vendor-neutral approach, Tines provides detailed documentation and live chat support, allowing for effective integration with other tools, scheduling capabilities, and streamlined processes that save time and effort. Users find it intuitive for efficient task handling, making manual intervention unnecessary. Challenges include the need for more comprehensive documentation and instructional videos, as well as improvements in AI integration and reporting aesthetics. Pricing is also noted as higher compared to alternatives.

What are the most important features of Tines?
  • No-code and low-code automation: Enables task automation without coding knowledge.
  • API integration: Facilitates enhanced automation for security operations.
  • Vendor-neutral approach: Promotes unbiased integration across various tools.
  • Detailed documentation: Provides users with comprehensive guides and support.
  • Scheduling capabilities: Allows users to automate workflows efficiently.
What benefits and ROI can users expect from Tines?
  • Time savings: Automates tasks to reduce manual processes.
  • Improved efficiency: Streamlines security operations, enhancing productivity.
  • Comprehensive task handling: Offers intuitive tools for managing complex tasks easily.

Tines primarily serves organizations in the security sector, automating security operations such as alert detection and managed detection and response. It's utilized extensively in security operation centers for tasks like phishing email processing, ticket creation, IOC investigations, and ticket assignments within enterprise security frameworks, with multiple teams delivering Tines services to enhance task handling efficiency.

Tines
 

Sample Customers

Bank of England, First Energy, UBISOFT, Bank of Hope, Blackhawk Network
Information Not Available
Buyer's Guide
Anomali vs. Tines
April 2026
Free Report: Anomali vs. Tines
Find out what your peers are saying about Anomali vs. Tines and other solutions. Updated: April 2026.
DOWNLOAD NOW
893,221 professionals have used our research since 2012.
See our Anomali vs. Tines report.
See our list of best Threat Intelligence Platforms (TIP) vendors.

We monitor all Threat Intelligence Platforms (TIP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.